Ask / Submit
3

WLAN issue 3.0.1.14 [duplicate]

asked 2019-02-10 18:10:58 +0300

hewi gravatar image

updated 2019-02-10 18:12:00 +0300

I have the strangest issue with my XA2 since updating to the latest update and installing Android Support. I can not connect via terminal ssh nemo@IP and from the phone i can only run pkcon refresh when mobile data is on.

With only WLAN enabled i get errors when trying to update from openrepos & jolla store though i can surft the net.

Could it be that the iptables are wrong (never edited them though)

Any idea WHERE to start troubleshooting?

edit retag flag offensive reopen delete

The question has been closed for the following reason "duplicate question" by cemoi71
close date 2019-03-04 20:07:02.762987

Comments

closed as duplicate.
sorry, i would prefer use "already answered in other thread", but it's quite similar. Even if the other one is newer.
Issue is nearer approached, other binaries bring more success. And jolla track this ticket..
Please give a look inside and bring your experience.
cheers

cemoi71 ( 2019-03-04 20:11:20 +0300 )edit

2 Answers

Sort by » oldest newest most voted
0

answered 2019-02-11 10:53:24 +0300

Pasko gravatar image

Hi.

As stated in the changelog for version 3.0.1 remote access via SSH for cellular with IPV6 has been disabled. You should add the appropriate line in file:

/etc/connman/firewall.d/00-devmode-firewall.conf

, just under the line with title [cellular]

IPv4.INPUT.RULES = -p tcp -m tcp --dport 22 -j ACCEPT

Should your Operator/ISP be using IPV6 instead of IPV4, change accordingly IPV4 --> IPV6

I also wrote a small note regarding VPN's here: (https://together.jolla.com/question/197356/remote-shell-over-cellularvpn-in-sailfish-30111/)

Hope this helps. Regards.

edit flag offensive delete publish link more

Comments

1

Thanks Pasko but i think this is not my problem. I connect to my home WLAN and run ifconfig on the XA2. It clearly shows that i have obtained an IP Adress but for example can not ping 8.8.8.8. Also i can not run updates from Jolla Store / Openrepos either via GUI or shell. Furthermore Jolla store does not show me any Android Apps. I have no idea what is going on since i installed 3.01.14

hewi ( 2019-02-11 18:21:45 +0300 )edit

Hi.

Sorry, I think I got it wrong.

Could you please post here the results of executing (as root) the following command while connected to WiFi?:

iptables-save

Is should show the rules that apply while your device is connected to WiFi....

Here's what I get while on my WLAN:

    # Generated by iptables-save v1.6.1 on Mon Feb 11 19:40:02 2019
*security
:INPUT ACCEPT [166800:194693381]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [81187290:15972921901]
COMMIT
# Completed on Mon Feb 11 19:40:02 2019
# Generated by iptables-save v1.6.1 on Mon Feb 11 19:40:02 2019
*raw
:PREROUTING ACCEPT [167187:194716827]
:OUTPUT ACCEPT [81187321:15972925683]
COMMIT
# Completed on Mon Feb 11 19:40:02 2019
# Generated by iptables-save v1.6.1 on Mon Feb 11 19:40:02 2019
*nat
:PREROUTING ACCEPT [396:24686]
:INPUT ACCEPT [16:1677]
:OUTPUT ACCEPT [969:70268]
:POSTROUTING ACCEPT [646954:46957855]
COMMIT
# Completed on Mon Feb 11 19:40:02 2019
# Generated by iptables-save v1.6.1 on Mon Feb 11 19:40:02 2019
*mangle
:PREROUTING ACCEPT [167187:194716827]
:INPUT ACCEPT [167180:194714867]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [77929:11331434]
:POSTROUTING ACCEPT [103565946:38972240422]
:connman-INPUT - [0:0]
:connman-POSTROUTING - [0:0]
-A INPUT -j connman-INPUT
-A POSTROUTING -j connman-POSTROUTING
-A connman-INPUT -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
-A connman-POSTROUTING -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff
COMMIT
# Completed on Mon Feb 11 19:40:02 2019
# Generated by iptables-save v1.6.1 on Mon Feb 11 19:40:02 2019
*filter
:INPUT DROP [374:21174]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [49250730:9835228087]
:connman-INPUT - [0:0]
:connman-OUTPUT - [0:0]
-A INPUT -j connman-INPUT
-A OUTPUT -j connman-OUTPUT
-A connman-INPUT -i wlan0 -p tcp -m tcp --dport 22 -j ACCEPT
-A connman-INPUT -i usb0 -j ACCEPT
-A connman-INPUT -i rndis0 -j ACCEPT
-A connman-INPUT -p icmp -m icmp ! --icmp-type 8/0 -j ACCEPT
-A connman-INPUT -p dccp -m multiport --dports 1024:65535 -j ACCEPT
-A connman-INPUT -p sctp -m multiport --dports 1024:65535 -j ACCEPT
-A connman-INPUT -p tcp -m multiport --dports 1024:65535 -j ACCEPT
-A connman-INPUT -p udplite -m multiport --dports 1024:65535 -j ACCEPT
-A connman-INPUT -p udp -m multiport --dports 1024:65535 -j ACCEPT
-A connman-INPUT -p esp -j ACCEPT
-A connman-INPUT -p ah -j ACCEPT
-A connman-INPUT -i lo -j ACCEPT
-A connman-INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A connman-OUTPUT -o usb0 -j ACCEPT
-A connman-OUTPUT -o rndis0 -j ACCEPT
-A connman-OUTPUT -p icmp -m icmp ! --icmp-type 0/0 -j ACCEPT
COMMIT
# Completed on Mon Feb 11 19:40:02 2019

Regards.

Pasko ( 2019-02-11 20:43:47 +0300 )edit

OK thanks first for taking the time to figure out whats wrong here. I reaaly am thankfull!!!!

hewi ( 2019-02-12 19:38:10 +0300 )edit

:PREROUTING ACCEPT [81:105982] :INPUT ACCEPT [77:104194] :OUTPUT ACCEPT [48:3067] :POSTROUTING ACCEPT [51:3763] COMMIT

Completed on Tue Feb 12 19:34:39 2019

Generated by iptables-save v1.6.1 on Tue Feb 12 19:34:39 2019

*mangle :PREROUTING ACCEPT [542:282710] :INPUT ACCEPT [540:282074] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [491:62335] :POSTROUTING ACCEPT [505:63698] :connman-INPUT - [0:0] :connman-POSTROUTING - [0:0] -A INPUT -j connman-INPUT -A POSTROUTING -j connman-POSTROUTING -A connman-INPUT -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff -A connman-POSTROUTING -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff COMMIT

Completed on Tue Feb 12 19:34:39 2019

Generated by iptables-save v1.6.1 on Tue Feb 12 19:34:39 2019

*filter :INPUT DROP [2:1152] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1102465:618747707] :connman-INPUT - [0:0] :connman-OUTPUT - [0:0] -A INPUT -j connman-INPUT -A OUTPUT -j connman-OUTPUT -A connman-INPUT -i wlan0 -p tcp -m tcp --dport 22 -j ACCEPT -A connman-INPUT -i usb0 -j ACCEPT -A connman-INPUT -i rndis0 -j ACCEPT -A connman-INPUT -p icmp -m icmp ! --icmp-type 8/0 -j ACCEPT -A connman-INPUT -p dccp -m multiport --dports 1024:65535 -j ACCEPT -A connman-INPUT -p sctp -m multiport --dports 1024:65535 -j ACCEPT -A connman-INPUT -p tcp -m multiport --dports 1024:65535 -j ACCEPT -A connman-INPUT -p udplite -m multiport --dports 1024:65535 -j ACCEPT -A connman-INPUT -p udp -m multiport --dports 1024:65535 -j ACCEPT -A connman-INPUT -p esp -j ACCEPT -A connman-INPUT -p ah -j ACCEPT -A connman-INPUT -i lo -j ACCEPT -A connman-INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A connman-OUTPUT -o usb0 -j ACCEPT -A connman-OUTPUT -o rndis0 -j ACCEPT -A connman-OUTPUT -p icmp -m icmp ! --icmp-type 0/0 -j ACCEPT COMMIT

hewi ( 2019-02-12 19:40:00 +0300 )edit

and sorry i have no idea how to make the code look nice here

hewi ( 2019-02-12 19:40:42 +0300 )edit
0

answered 2019-03-04 20:06:04 +0300

cemoi71 gravatar image

Issue discussed in following thread with good results:
https://together.jolla.com/question/200869/no-wifi-wlan-after-flashing-sailfish-x-to-xperia-xa2-plus-any-idea/

The binaries of AOSP oreo v17 from sony seems to be involved by the issue.
Currently it is recommended to use the v16 one.
All is described in the answer.

cheers

edit flag offensive delete publish link more

Question tools

Follow
3 followers

Stats

Asked: 2019-02-10 18:10:58 +0300

Seen: 507 times

Last updated: Mar 04